Certified Information Systems Security Professional (CISSP)

As the true entry point to career excellence, a CISSP starts newcomers on their path to Information Systems Security certifications and future leadership roles.


Why Certified Information Systems Security Professional?

The Certified Information Systems Security Professional (CISSP) is the most globally recognized certification in the cybersecurity market. CISSP validates a cybersecurity professional’s deep technical and managerial knowledge and experience to effectively design, engineer and manage an organization’s overall security posture.

Target Audience

Cybersecurity professionals with at least 5 years in the information security field. Member data has shown that a majority of CISSP holders are in middle management and a much smaller proportion are in senior or junior/entry-level positions. Roles include:

  • Chief Information Officer
  • Chief Information Security Officer
  • Chief Technology Officer
  • Compliance Manager / Officer
  • Director of Security
  • Information Architect
  • Information Manager / Information Risk Manager or Consultant
  • IT Specialist / Director / Manager
  • Network / System Administrator
  • Security Administrator
  • Security Architect / Security Analyst
  • Security Consultant
  • Security Manager
  • Security Systems Engineer / Security Engineer


CISSP is relevant across all sectors and industries, including:

  • Aerospace
  • Automotive
  • Banking, financial services, insurance (BFSI)
  • Construction
  • Cybersecurity
  • Energy
  • Engineering
  • Government
  • Healthcare
  • IT products, services, consulting
  • Manufacturing
  • Pharma
  • Retail
  • Telecom

Required Experience

Candidates must have a minimum of 5 years’ cumulative work experience in 2 or more of the 8 domains of the CISSP Common Body of Knowledge (CBK). Earning a 4-year college degree or regional equivalent or a recognized credential from the ISC2 approved list will satisfy 1 year of the required experience. Education credit will only satisfy 1 year of experience. A candidate who doesn’t have the required experience may become an Associate of ISC2 by successfully passing the CISSP examination. The Associate of ISC2 will then have 6 years to earn the 5 years of required experience.

Quick Read:
  • Requires 5 years’ professional experience in 2 or more of the certification’s 8 domains
  • College degree or education credit may satisfy 1 year of required experience
  • Candidates with less experience may become Associates of ISC2 after successfully passing the exam

Exam Domains

  • Security and Risk Management
  • Asset Security
  • Security Architecture and Engineering
  • Communication and Network Security
  • Identity and Access Management (IAM)
  • Security Assessment and Testing
  • Security Operations
  • Software Development Security

Exam Details

Exam Availability: English | Testing Centre: Pearson VUE

Exam Length: 4 hr

Number of Exam Items

Item Format: Multiple Choice

Passing Score


Course Fee
Exam Fee $1110 (AUD)
“This course may be undertaken as a self-paced program, which can be completed at your own pace, in your own time.”

Book a call with one of our skilled consultants to discuss your organisation’s specific requirements.


Steps to Certification


Obtain the required experience

See the alternate Associate pathway for those who do not yet meet the experience requirement


Take and Pass the Exam

Find a local Pearson VUE Test Center and register for the exam at www.pearsonvue.com/isc2


Complete the endorsement process

Get work experience endorsed by an ISC2 member within 9 months from exam date

Agree to the ISC2 Code of Ethics


Maintain membership

  • Earn and submit a minimum of 30 CPEs each year; 90 CPEs by the end of the 3-year recertification cycle
  • Pay the annual maintenance fee of $125, due each year upon the anniversary of the certification date (if member holds more than one, whichever anniversary date comes first). Members only pay a single AMF of $125 regardless of how many certifications they hold.

Benefits of Certified Information Systems Security Professional

For the Individual

Positioned as an authority figure on cybersecurity, proving proficiency to keep up with new technologies, developments and threats. Quickly conveys knowledge and inspires trust.

The highest standard for cybersecurity expertise. It’s vendor-neutral, accredited and requires both practical knowledge and professional experience to earn.

Advanced knowledge and skills to stay ahead of cybersecurity best practices, evolving technologies and mitigation strategies.

Vendor-neutral and multivendor knowledge can be applied across different technologies and methodologies, increasing marketability and ensuring ability to protect sensitive data in a global environment.

Raises visibility and credibility, improves job security and creates new job opportunities.

Depending on country and employer, (ISC)² members report having, on average, 35% higher salaries than non-members.

For the Organisation

Strengthen the security posture with qualified professionals who have proven expertise to competently design, build and maintain a secure business environment.

Implement the latest security best practices.

Ensure professionals speak the same language across disciplines and have cross-department perspective.

Increase organizational integrity in the eyes of clients and other stakeholders.

Meet certification mandates for service providers and subcontractors.

Ensure work teams are up-to-date on emerging and evolving technologies, threats and mitigation strategies by meeting (ISC)² Continuing Professional Education (CPE) requirements.

Comply with government or industry regulations (DoD 8140.01/8570.01 approved).